Since its first use in 2008, blockchain technology has come a long way. It has developed to distributed virtual machines that execute smart contracts and much more. Blockchains have a potential application in many industries and offer great innovation potential for organizations.
With all the opportunities and value new technologies can deliver, the risks are often neglected. This is why in this book, Florian Mair identifies risks to data integrity on blockchains. Further he assesses the differences regarding data integrity among private and public blockchains.
Mair has found overall 11 risks which are applicable to public blockchains. But even though some of them got rated as a high risk there is currently no evidence that a blockchain should be considered insecure. The author discusses some actions that can be taken to mitigate the identified risks.
In this book:
- data security;
- risk management;
- bitcoin;
- risk assessment;
- Distributed Ledger Technology
Table of Contents
1 Introduction
1.1 Research Gap and Research Question
1.2 Motivation
1.3 Value Proposition
1.4 Outline
2 Background
2.1 Centralized, Decentralized & Distributed Systems
2.2 Blockchain Technology
2.3 Data Security
2.4 IT Risk Management
2.5 Previous research
3 Qualitative Research Methodology
3.1 Data Collection Method
3.2 Focus Interview
3.3 Ontology & Epistemology
3.4 Content Analysis
3.5 Data Presentation
3.6 Scientific Quality Criteria
4 Results for Risk Identification
4.1 Interview Participants
4.2 Identified Risks
4.3 Differences in Public and Private Blockchains
5 Discussion / Explanation of identified Risks and Differences
5.1 Identified Risks
5.2 Differences public and private blockchains
6 Quantitative Research Methodology
6.1 Online Survey Design
6.2 Data Analysis & Visualization
6.3 Scientific Quality Criteria
7 Results for Risk Evaluation
7.1 Survey Participants
7.2 Research Results
8 Discussion & Implications of the Results from the Risk Evaluation
8.1 Discussion
8.2 Implications of Results
9 Limitations of the Research
10 Conclusion
11 References
Research Objectives and Key Topics
The primary research objective is to identify and evaluate threats to data integrity within public blockchain systems. By employing a dual-method approach, the study aims to determine the likelihood and potential consequences of these risks, while also comparing integrity-related differences between public and private blockchain architectures to support organizational decision-making.
- Identification of data integrity threats in public blockchains
- Comparative analysis of public versus private blockchain security
- Qualitative expert research using focus interviews
- Quantitative risk assessment via online survey
- Development of risk mitigation strategies
Excerpt from the Book
2.2.3 Bitcoin Blockchain Design
The bitcoin blockchain is a chain of blocks which contain financial transactions. Every block is linked to the previous block by including the hash of the previous block, which proves that a certain state was valid at the defined point of time, because the past cannot be changed without a very high investment in computing power. This is due to the parent / child relationship that blocks have. A block contains the hash of the previous block header, therefore if a block changes all subsequent would have to change too. Therefore a block gets more secure the more subsequent blocks exist (Antonopoulos, 2015). A valid hash for a block has to start with a defined number of zero bits. To find the hash of the block POW is used. After successful finding a suitable hash, the miner is rewarded with a mining incentive, which depends on the block height. The bitcoin network is a collection of individual nodes, that operate in a distributed manner, and can be joined by anyone without any special permission, which is also called a permissionless public blockchain (more on that in Chapter 2.2.5).
Bitcoin increases the level of privacy for users by eliminating the trusted third party, normally used for validating financial transactions (Nakamoto, 2008). The simplified blockchain header in Figure 2 shows the inclusion of the Merkle root of all transactions. Within the bitcoin network, all transactions are at the bottom of the tree and hashed in pairs of 2, until only one (the Merkle root) hash remains. This procedure can work with an arbitrarily number of transactions and the Merkle root will always be 32 Byte. Figure 3 shows what a Merkle tree of bitcoin transactions looks like. Bitcoin uses the collision free hash algorithm SHA256 (Bashir, 2018).
Summary of Chapters
1 Introduction: Provides the motivation for the study, highlights the current research gap regarding data integrity in blockchain systems, and outlines the core research questions.
2 Background: Delivers foundational knowledge on decentralized systems, blockchain architecture, data security (CIA triad), and IT risk management frameworks.
3 Qualitative Research Methodology: Describes the explorative research design, justifying the use of in-depth focus interviews to identify blockchain-specific integrity risks.
4 Results for Risk Identification: Presents the findings from the qualitative interviews, detailing 11 identified risks to data integrity in public blockchain systems.
5 Discussion / Explanation of identified Risks and Differences: Provides an analytical breakdown of the identified risks and explores the fundamental integrity differences between public and private chains.
6 Quantitative Research Methodology: Explains the design of the online survey used to evaluate the identified risks through numerical likelihood and consequence metrics.
7 Results for Risk Evaluation: Shows the quantitative outcomes of the survey, visualizing the impact and occurrence probability of the risks in a matrix format.
8 Discussion & Implications of the Results from the Risk Evaluation: Interprets the risk scores, discusses practical implications for organizations, and suggests mitigation strategies.
9 Limitations of the Research: Addresses the constraints of the study, including sample size, research method limitations, and potential biases.
10 Conclusion: Summarizes the study’s findings, confirms that blockchain is not inherently insecure, and proposes directions for future research.
Keywords
Blockchain, Data Integrity, Risk Management, Public Blockchain, Private Blockchain, Data Security, IT Governance, Smart Contracts, Consensus Attack, Qualitative Research, Quantitative Analysis, Risk Assessment, 51% Attack, Distributed Ledger, Information Security
Frequently Asked Questions
What is the primary focus of this research?
The work primarily focuses on assessing data integrity risks specifically within public blockchain systems and identifying how these risks compare to those found in private blockchain environments.
What are the central thematic fields covered?
The key themes include blockchain technology design, data security fundamentals (the CIA triad), IT risk management standards, and the comparison of public versus private blockchain architectures.
What is the primary research goal?
The main goal is to identify threats to data integrity in public blockchains and to evaluate these risks through a combination of qualitative expert interviews and quantitative surveys to provide actionable insights for organizations.
Which scientific methods are applied in this work?
The author uses a mixed-methods approach: a qualitative phase involving semi-structured focus interviews with experts for risk identification, followed by a quantitative phase using an online survey for risk evaluation and prioritization.
What does the main body of the paper address?
The main body systematically explores blockchain fundamentals, establishes a research methodology, identifies 11 specific data integrity risks, and evaluates these risks regarding their likelihood of occurrence and their consequences on data.
Which keywords best characterize this research?
Essential keywords include Blockchain, Data Integrity, Risk Management, Public/Private Blockchain, Information Security, Consensus Attack, and Smart Contract vulnerabilities.
How does the author distinguish between public and private blockchain risks?
The author analyzes differences such as consensus models, code quality, susceptibility to 51% attacks, and the level of data privacy, noting that public chains provide more decentralization while private chains offer more controlled, permissioned environments.
What are the most significant risks identified for public blockchains?
The study highlights risks such as 51% consensus attacks, poor quality of smart contract code, the existence of alternative chains (forks), and the potential for trust issues regarding protocol developers and third-party service providers.
Does the research conclude that public blockchains are insecure?
No. While the study identifies significant risks, the author emphasizes that there is currently no evidence that blockchain technology should be considered insecure, but rather that these risks must be carefully managed before implementation.
- Citar trabajo
- Florian Mair (Autor), 2019, Assessment of Data Integrity Risks in Public Blockchain Systems, Múnich, GRIN Verlag, https://www.grin.com/document/453191
